Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/1c0205-5c65-47cd-b1b3-27c26b23b845/1/Uk3bFeu2vggvn3RURW4D1j9wA0s.roa
File: Uk3bFeu2vggvn3RURW4D1j9wA0s.roa (raw, json)
Hash identifier: qf3QuNlkmR2/8NjdGrfw3qcY4tnIiaHzJdTvA7fEjAo=
Subject key identifier: 52:4D:DB:15:EB:B6:BE:08:2F:9F:74:54:45:6E:03:D6:3F:70:03:4B
Certificate issuer: /CN=5740040e1b7a532dd2aec22e93a622b2e1b3bdef
Certificate serial: 018CC86F134479A1323D5FF5484B7BAF5434
Authority key identifier: 57:40:04:0E:1B:7A:53:2D:D2:AE:C2:2E:93:A6:22:B2:E1:B3:BD:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V0AEDht6Uy3SrsIuk6YisuGzve8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/1c0205-5c65-47cd-b1b3-27c26b23b845/1/Uk3bFeu2vggvn3RURW4D1j9wA0s.roa
Signing time: Tue 02 Jan 2024 04:29:31 +0000
ROA not before: Tue 02 Jan 2024 04:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 680
IP address blocks: 194.76.232.0/22 maxlen: 22
194.76.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/1c0205-5c65-47cd-b1b3-27c26b23b845/1/V0AEDht6Uy3SrsIuk6YisuGzve8.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/1c0205-5c65-47cd-b1b3-27c26b23b845/1/V0AEDht6Uy3SrsIuk6YisuGzve8.mft
rsync://rpki.ripe.net/repository/DEFAULT/V0AEDht6Uy3SrsIuk6YisuGzve8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:13:44:79:a1:32:3d:5f:f5:48:4b:7b:af:54:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5740040e1b7a532dd2aec22e93a622b2e1b3bdef
Validity
Not Before: Jan 2 04:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=524ddb15ebb6be082f9f7454456e03d63f70034b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:b0:7e:59:7a:ba:b5:17:77:df:61:27:8e:87:
9e:61:fd:d4:39:c3:72:fb:2a:1e:a1:c0:d7:7b:c4:
b8:f0:dd:e5:e2:60:51:41:49:b5:7d:f2:3d:c3:84:
e4:00:77:57:dc:18:16:17:8a:8a:7a:3c:09:ec:97:
26:7a:d8:65:a1:e5:6b:77:24:58:c2:00:2d:6e:b7:
81:18:fb:18:c7:fd:e7:2b:bb:50:67:b3:ed:b4:ac:
ca:70:9d:27:98:c8:5b:c4:3a:43:9d:f7:20:c4:8f:
c3:51:67:c1:52:91:d9:f2:26:cf:56:80:37:51:e9:
39:d4:b2:d3:84:0b:7c:af:a1:f0:57:6c:ea:eb:98:
d6:bc:39:f5:41:3a:7e:28:e3:e2:0c:ce:84:67:98:
e7:1c:01:3d:e5:51:54:6a:58:4d:61:fa:14:be:84:
7f:15:e0:a0:9a:e1:68:09:e8:48:5e:3c:25:93:3c:
02:68:54:36:d7:cc:57:89:08:94:57:33:fd:b4:d1:
3f:b0:05:b2:fe:2b:f1:80:c3:b6:33:ce:97:ab:2a:
7e:33:dc:7c:fe:23:25:df:95:cd:99:f2:31:2d:81:
a1:98:af:d4:3a:0c:23:59:7d:07:c0:ea:c2:fb:05:
50:6b:c5:93:5c:fb:33:29:f9:59:42:89:34:cb:e8:
ed:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:4D:DB:15:EB:B6:BE:08:2F:9F:74:54:45:6E:03:D6:3F:70:03:4B
X509v3 Authority Key Identifier:
keyid:57:40:04:0E:1B:7A:53:2D:D2:AE:C2:2E:93:A6:22:B2:E1:B3:BD:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V0AEDht6Uy3SrsIuk6YisuGzve8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/1c0205-5c65-47cd-b1b3-27c26b23b845/1/Uk3bFeu2vggvn3RURW4D1j9wA0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/1c0205-5c65-47cd-b1b3-27c26b23b845/1/V0AEDht6Uy3SrsIuk6YisuGzve8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.76.232.0/22
Signature Algorithm: sha256WithRSAEncryption
63:32:51:42:8e:70:cd:a2:98:5b:77:2e:b1:53:61:aa:28:e1:
d9:d5:a0:b1:08:82:c9:22:fd:79:3f:30:85:3d:20:b6:91:62:
6a:31:11:b8:f0:ba:f5:71:72:94:e7:52:05:88:dc:2c:26:04:
96:bd:d3:12:03:1e:43:c4:8d:3a:0a:52:75:56:83:03:f3:b7:
24:00:3c:9f:ea:6f:91:62:24:c0:73:5c:d8:90:b6:8f:cb:9b:
dc:af:72:f9:70:fe:da:5a:2d:0f:2d:1d:27:49:8b:4c:87:c8:
82:bd:2a:11:ba:3a:77:72:7d:d3:6d:f0:0f:a3:72:a0:48:a1:
41:74:ac:57:75:3b:e2:a3:ae:be:32:fc:25:00:37:ac:68:20:
59:d3:9e:87:e0:ff:00:11:db:17:89:a2:2a:dd:ed:48:f3:4d:
d9:fb:99:fd:e0:2a:6f:c1:85:6b:68:05:ca:53:e0:cf:1c:04:
b9:84:3f:d1:93:c3:c2:de:5e:29:2d:9e:ba:00:7a:3b:a2:9c:
a2:df:d8:12:77:89:95:bf:93:17:d8:c9:57:b2:77:6d:ec:6d:
f8:ce:89:1c:1a:fe:c8:0e:e7:24:03:b6:71:38:8f:68:7a:e0:
03:ec:b9:ce:6e:5e:b7:b5:4c:42:70:90:51:fe:ec:69:54:93:
41:b5:89:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIbxNEeaEyPV/1SEt7r1Q0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NDAwNDBlMWI3YTUzMmRkMmFlYzIyZTkzYTYyMmIyZTFi
M2JkZWYwHhcNMjQwMTAyMDQyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjRkZGIxNWViYjZiZTA4MmY5Zjc0NTQ0NTZlMDNkNjNmNzAwMzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLB+WXq6tRd332EnjoeeYf3UOcNy
+yoeocDXe8S48N3l4mBRQUm1ffI9w4TkAHdX3BgWF4qKejwJ7JcmethloeVrdyRY
wgAtbreBGPsYx/3nK7tQZ7PttKzKcJ0nmMhbxDpDnfcgxI/DUWfBUpHZ8ibPVoA3
Uek51LLThAt8r6HwV2zq65jWvDn1QTp+KOPiDM6EZ5jnHAE95VFUalhNYfoUvoR/
FeCgmuFoCehIXjwlkzwCaFQ218xXiQiUVzP9tNE/sAWy/ivxgMO2M86Xqyp+M9x8
/iMl35XNmfIxLYGhmK/UOgwjWX0HwOrC+wVQa8WTXPszKflZQok0y+jt8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFJN2xXrtr4IL590VEVuA9Y/cANLMB8GA1UdIwQY
MBaAFFdABA4belMt0q7CLpOmIrLhs73vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjBBRURodDZVeTNTcnNJdWs2WWlzdUd6dmU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8xYzAyMDUtNWM2NS00N2NkLWIxYjMt
MjdjMjZiMjNiODQ1LzEvVWszYkZldTJ2Z2d2bjNSVVJXNEQxajl3QTBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8xYzAyMDUtNWM2NS00N2NkLWIxYjMtMjdjMjZiMjNiODQ1
LzEvVjBBRURodDZVeTNTcnNJdWs2WWlzdUd6dmU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwkzoMA0G
CSqGSIb3DQEBCwUAA4IBAQBjMlFCjnDNophbdy6xU2GqKOHZ1aCxCILJIv15PzCF
PSC2kWJqMRG48Lr1cXKU51IFiNwsJgSWvdMSAx5DxI06ClJ1VoMD87ckADyf6m+R
YiTAc1zYkLaPy5vcr3L5cP7aWi0PLR0nSYtMh8iCvSoRujp3cn3TbfAPo3KgSKFB
dKxXdTvio66+MvwlADesaCBZ056H4P8AEdsXiaIq3e1I803Z+5n94CpvwYVraAXK
U+DPHAS5hD/Rk8PC3l4pLZ66AHo7opyi39gSd4mVv5MX2MlXsndt7G34zokcGv7I
DuckA7ZxOI9oeuAD7LnObl63tUxCcJBR/uxpVJNBtYn4
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:11:42 2024 by rpki-client on console-fra.rpki-client.org